CVE-2025-11955 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN cli…
High CVSS: 8.2

CVE-2025-11955

Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid.
Vendor
-
Product
-
CWE
CWE-299
Yayın Tarihi
2025-10-27 12:15:32
Güncelleme
2025-10-27 13:19:49
Source Identifier
cve-coordination@incibe.es
KEV Date Added
-

Kategoriler

CWE-299 HIGH 2025

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/incorrect-validation-ocsp-certificates-thegreenbow-vpn-client-windows https://www.thegreenbow.com/en/support/security-alerts/